cvedb.io
CVE-2021-31840
HIGH · CVSS 7.3
EPSS exploitation probability: 0%
Published 2021-06-10T17:15:08.180 · Last modified 2026-06-17T03:52:19.747

Summary

A vulnerability in the preloading mechanism of specific dynamic link libraries in McAfee Agent for Windows prior to 5.7.3 could allow an authenticated, local attacker to perform a DLL preloading attack with unsigned DLLs. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. This would result in the user gaining elevated permissions and being able to execute arbitrary code.

Affected products

mcafee — mcafee_agent

Does this affect you?

Add your gear to cvedb and we'll alert you only when mcafee ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.